Extortionware = A piece of software, most commonly in the form of a virus or self-replicating code, that infects a computer system and takes control of files or processes and that, in addition to being annoying and difficult to remove, has built-in advertisements that promise removal only upon payment. (That’s my definition.) Some may refer to this as “Ransomware”; however, I believe they are wrong. Ransomware, in my opinion, implies that the criminal has in their possession something of yours and is demanding money for its return. In fact, in the case of extortionware, the criminal possesses only the knowledge of how to remove a virus or restore a file that the victim still possesses but may have limited or no access to.
Almost all of us have seen some sort of extortionware. Most of the time it comes in the form of a program that advises a user that they have a virus and that this virus can only be removed using “brand-X” virus protection software that they must purchase. These programs, while extremely annoying, are most of the time nothing more than that: an annoyance. They can usually be removed by a system restore or other methods of rooting out registry entries and files.
Gpcode.ak, on the other hand, is not your average extortionware. This virus attacks files by encrypting them with an extremely strong 1024-bit RSA key. In layman’s terms, this is like taking someone’s documents, putting them in a filing cabinet, then locking that cabinet with thousands of combination locks, each with a different combination, and then giving the cabinet to the owner of the documents along with a message telling them that if they want to read their documents again it will cost them X amount of dollars. This 1024-bit RSA encryption is all but impossible to crack. According to Kaspersky, it could take 15 million computers running an entire year to break the key (LINK).
This virus, just like any other virus (malware, spyware, adware, and so on), has a human factor. It has been said that the weakest part of any system is located directly between the chair and the keyboard. In case you don’t know, that is you (and me). With the human factor removed, this virus, for the most part, cannot infect a system. If a user does not click pop-ups, does not visit fraudulent websites, does not install the “free screen savers”, does not open infected email or email attachments, does not use administrator accounts, and keeps system passwords strong and private (to name a few), then it would be nearly impossible for a system to be infected with this or any other virus.
Crackers (aka hackers) can use technological methods to infiltrate a system. But generally speaking, they won’t. Why should they spend hours of work trying to hack a system when they can just sit back and let you do the work for them by mass mailing spam, relying on users to forward chain letters, putting up fraudulent websites, and using other practices that entice you, their victims, into installing the viruses for them?
John "Mike" Wright